Different operating systems use different file types and file systems. Does it m

Question

Different operating systems use different file types and file systems. Does it make a difference to a virus scan which system it is being run on and what type of malware it's looking for? I ask because the way the files are archived may be different, for example Android's apk is in an archive so would a program like Windows Defender (running on Windows) know how to examine the contents?

In simple cases an AV wouldn't have a problem, for example an AV running on OS X and malware arriving as an .exe would raise a red flag but what about an infected RPM on Windows; Windows doesn't even know how to handle RPMs so would there be a point in scanning such files in hopes of not transferring it on to a Linux machine?

Explanation / Answer

In short no, it does not matter for most cases, including unencrypted archives. Malware detectors snipe signatures, which are basically chunks of data. Unless the platform doesn't malform the data, you should be ok.

That being said, theoretically, you may run into trouble with endianness if the AV doesn't interpret the data correctly. But in most cases the AV (or it's pre-processors) is platform-aware and does endianness translation if neccessary.

Still, your question is quite wide and could use a little more specification.

Related Questions

Navigate

• Browse (All)
• Browse D
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.